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OES NetStorage Administration Guide for Linux 


About This Guide 


This guide includes information on Novell® NetStorage, which provides secure Internet-based 
access to files and folders on a Linux” server in your network using either a browser or Microsoft" 
Web Folders. 


The following are included in this guide: 


+ Chapter 1, “NetStorage Overview,” on page 9 

+ Chapter 2, “What's New,” on page 13 

+ Chapter 3, “Installing NetStorage," on page 15 

+ Chapter 4, “Using NetStorage,” on page 19 

+ Chapter 5, “Administering NetStorage,” on page 23 

+ Chapter 6, “Troubleshooting NetStorage,” on page 33 
+ Appendix A, “Documentation Updates,” on page 37 


Documentation Conventions 


In this documentation, a greater-than symbol (>) is used to separate actions within a step and items 
in a cross-reference path. 


A trademark symbol Cc 7M, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party 
trademark. 


When a single pathname can be written with a backslash for some platforms or a forward slash for 
other platforms, the pathname is presented with a backslash. Users of platforms that require a 
forward slash, such as UNIX” or Linux, should use forward slashes as required by your software. 


User Comments 


We want to hear your comments and suggestions about this guide and the other documentation 
included with Novell OES. Please use the User Comment feature at the bottom of each page of the 
OES online documentation. 


About This Guide 
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NetStorage Overview 


NetStorage provides secure Internet-based access to files and folders on Linux and NetWare® 
servers on your network using either a browser or Microsoft Web Folders (Microsoft's 
implementation of WebDAV). NetStorage authentication relies on the power of Novell® 
eDirectory™ to provide secure access, so Internet-based access is as secure as accessing files from 
within the network. 


Novell NetStorage includes the following benefits: 


+ Lets users securely copy, move, rename, delete, read, and write files between any Internet- 
enabled machine and Linux or NetWare servers on your network. 


+ Eliminates the need to use a virtual private network (VPN) client to access files. 

¢ Eliminates the need to e-mail or copy data from one machine to another. 

+ Supports Internet standards such as HTTP, HTTPS, HTML, XML, and WebDAV. 

+ Supports the use of drive mappings that users are accustomed to when they log in using the 
Novell Client™ (see Section 1.2, “What Users See When They Access NetStorage,” on 
page 11). 

+ Supports access to users' Novell iFolder 2.x® accounts. 

+ Provides access to network files and folders via Novell Virtual Office, Novell iFolder 2.x, and 
Novell exteNd Director™ 4.1 Standard Edition. 


+ Supports Storage Location objects used to display a specified name for a network directory in 
the NetStorage directory access list displayed through Microsoft Web Folders or a Web 
browser (see “Storage Location” on page 29). 


With NetStorage installed on one Linux server with Novell Nterprise™ Linux Services, users can 
potentially have access to any Linux or NetWare 5 or later server anywhere on your geographically 
dispersed network. 


1.1 How NetStorage Works 


NetStorage is installed on one Linux server that acts as a Middle Tier (also known as XTier) server. 
Middle Tier server configuration information is stored in an XML file on the Linux server. Novell 
iManager provides an easy method for changing Middle Tier configuration. Xtier is Novell's Web 
services framework and is used by various Novell products. 


NOTE: Previous versions of NetStorage were administered using the NSAdmin utility. 
Configuration should now be done through Novell iManager. 
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After the Middle Tier server is set up, it appears as an Internet Web server to users and can be 
accessed either with a Web browser or with Microsoft Web Folders. NetStorage also includes a 
gadget that provides access through Novell exteNd Director 4.1 Standard Edition. 


Figure 1-1 Middle Tier Server 
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The Middle Tier server communicates with the NetWare or Linux servers in the network and 
provides secure authentication using eDirectory and the users' usernames and passwords. 
NetStorage also provides secure access to files that users have located on Novell iFolder 2.x and 
earler servers. 


IMPORTANT: 


Users must have their iFolder 2.x user accounts enabled through the iFolder server in order to access 
their files stored in iFolder using NetStorage. You must also enable the ability for users to set iFolder 
passphrases in NetStorage. For more information on iFolder, see the Novell iFolder 2.1 online 
documentation (http://www.novell.com/documentation/lg/ifolder2 l/index.html). 


iFolder 2.1 does not support 56-bit encryption. If you are using 56-bit encryption, you must use 
iFolder 1.03. 


All transactions can also be encrypted using SSL to increase the security. Novell iFolder transactions 
are secured using the iFolder encryption mechanism. 


For more detailed information on creating and using login scripts, see the . For specific information 
on how login scripts are processed by NetStorage, see “Setting Up Login Scripts in the Novell Client 
for Windows Installation and Administration Guide." See also Login Script Processing by 

NetStorage" TID10068983 (http://support.novell.com/cgi-bin/search/searchtid.cgi?/10068983.htm). 
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1.2 What Users See When They Access 
NetStorage 


The NetStorage Web page displays the network files and folders currently accessible for each user. 
For NetWare servers, NetStorage reads the user's login script to determine drive mappings, reads 
eDirectory User object properties to determine the path to the user's home directory, reads the user's 
Novell iFolder account, and then displays a list of files and folders based on this information. 
Storage Location objects are required for accessing files and directories on Linux servers and can 
also be used on NetWare servers. If Storage Location objects have been created and the user has 
rights to view these objects, the directories associated with these objects are also displayed. 


NetStorage reads the container, profile, and user login scripts only from the primary eDirectory 
server specified during the installation and for NetWare servers, displays the user's drive mappings 
based only on those login scripts. However, because login scripts were designed to be processed by 
the Novell Client on the user’s workstation, NetStorage processes only a subset of the login script 
functions. 


TIP: If you specified alternate IP addresses or DNS names of servers in other eDirectory trees 
during the NetStorage installation, NetStorage reads the User object properties in the other 
eDirectory trees and also displays those home directories. This is useful if a user normally logs in to 
more than one eDirectory tree and you want that user to have access to additional home directories 
in different eDirectory trees using NetStorage. The User object name must be the same for each 
eDirectory tree. 


NetStorage processes login scripts in order to find MAP statements. Each MAP statement defines a 
NetWare file system storage resource that the user will be able to access using NetStorage. IF, ELSE, 
END, INCLUDE, and EXIT commands are also recognized by NetStorage. All other login script 
statements are treated as comments and ignored. Finally, login script variables are also recognized. 
Variables are preceeded by a percent sign (%). Since mapped drives do not exist in Linux, you must 
create and use Storage Location objects to access storage on Linux servers. 


Users might have specific eDirectory rights to certain files and folders on your network, but will not 
be able to access those files and folders using NetStorage unless login script drive mappings exist to 
those folders or the files and folders are in the user's home directory, or Storage Location objects 
have been created. If you want to provide users with NetStorage access to a specific folder, you 
might have to add a drive mapping command to that folder in a login script (container, profile, or 
user) or create a Storage Location object. 


1.3 What's Next 


For more information on installing NetStorage, see Chapter 3, “Installing NetStorage," on page 15. 


If you need to provide users with information on how to use NetStorage, see Chapter 4, “Using 
NetStorage," on page 19. 


After you have installed NetStorage, you can administer settings. See Chapter 5, “Administering 
NetStorage," on page 23. 


If you need to troubleshoot issues with NetStorage, see Chapter 6, “Troubleshooting NetStorage,” 
on page 33. 
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What's New 


The following changes and enhancements were added to NetStorage for Linux for Novell Open 
Enterprise Server (OES) Support Pack 1. No changes and enhancements were added to NetStorage 
for Linux for Novell Open Enterprise Server (OES) Support Pack 2. 


¢ The ability to add support for dotted usernames, e-mail address names, and Universal 
passwords. See “Authentication Domains” on page 24. 


+ You can now sort directory and file listings in ascending or descending order by name, size, or 
date. See Section 4.1, “Accessing NetStorage,” on page 19. 


+ Directory Map objects are now supported in login scripts. 


+ You can now browse volume objects down to subdirectories and individual files using 
iManager. This new functionality is enabled through NetStorage. NetStorage must be installed 
and configured correctly for this to work. 


What's New 
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Installing NetStorage 


NetStorage is automatically installed and preconfigured to default settings during the Open 
Enterprise Server (OES) installation. OES is now part of the SUSE LINUX Enterprise Server 
(SLES) 9 installation. For more information, see the OES Linux Installation Guide. You can change 
the NetStorage configuration from the default settings during the OES installation. See Changing the 
NetStorage Default Configuration below for more information. For most networks, you need 
NetStorage installed on only one server; however, this might vary depending on the size of your 
network and your organization's needs. For example, if your company is geographically dispersed, 
you might want to install NetStorage on one server in each geographic region. 


You can use Novell® iManager to change the NetStorage configuration after the OES installation. 


For more information on iManager, see Chapter 5, “Administering NetStorage,” on page 23. 


3.1 Requirements 


In addition to meeting the requirements for OES, NetStorage requires the following: 


Q Server Requirements: At least one Linux server with OES or one NetWare 6.5 server in the 
Novell eDirectory™ tree where NetStorage will be installed. 


An eDirectory replica is not required to be on the same server where NetStorage is installed. 


IMPORTANT: In order to avoid time issues, this server must have time set correctly 
according to your network specifications. If time is not set, workstations might not be able to 
access files. 


Q Workstation Requirements: Netscape” Navigator” 4.7 or later, Internet Explorer 5.5 or later, 
Mozilla*, other Linux browsers, or Microsoft Web Folders. 


3.2 Installing NetStorage After the OES 
Installation 


If you did not install during the OES installation, you can install it later. To do this, enter yast2 
netstorage at the Linux server console and then continue with Step 2 on page 15. 


3.3 Changing the NetStorage Default 
Configuration 


You can change the NetStorage default configuration during the OES installation. To do this 
1 Start the OES installation and continue through the installation process until you reach the 
Installation Settings screen, then click the NetStorage link. 


2 Choose whether you are installing locally or remotely, accept or change the admin name and 
password, then click Next. 


Locally indicates that you are also installing eDirectory on this server. It is recommended that 
you install eDirectory on cluster nodes. If you are not installing eDirectory on this server, 
choose Remote. 
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3 Enter the IP address that you assigned to Novell iFolder ax. 


IMPORTANT: It is not currently possible to access iFolder 3.x using NetStorage. 


The iFolder IP address is optional but, if specified, will allow NetStorage users to access and 
manipulate files and directories in their iFolder directories on the iFolder server. 


Users must have their iFolder user accounts enabled through the iFolder server in order to 
access their files stored in iFolder using NetStorage. You must also enable the ability for users 
to set iFolder passphrases in NetStorage. For more information on iFolder, see the Novell 
iFolder 2.1 Installation and Administration Guide. 


4 Enter the IP address for the NetStorage Authentication Domain Host, or accept the default. 


This is the IP address of a server in your eDirectory tree that has the master replica or a read/ 
write replica of eDirectory. 


The eDirectory server IP address is required for NetStorage to function properly. This does not 
necessarily have to be the IP address of the server where NetStorage is to be installed. 


When a user attempts to log in, NetStorage searches the eDirectory database on the server you 
specify for the User object. If the User object is found, NetStorage attempts to authenticate the 
user to eDirectory. 


5 Enter the Proxy User Name including the context, or accept the default. 


This is required so that NetStorage has sufficient rights to get and save users' iFolder 
passphrases the first time they access iFolder. This prevents users from having to enter their 
passphrase when accessing files and directories on an iFolder server. The default is the Admin 
user that is created during the eDirectory installation. 


6 Enter the Proxy User Password, or accept the default. 
7 Enter the Users Context, or accept the default. 


This is the eDirectory context for the users that will use NetStorage. NetStorage searches the 
eDirectory tree down from the specified context for User objects. If you want NetStorage to 
search the entire eDirectory tree, specify the root context. 


3.4 Creating Storage Location Objects and Lists 


After installing NetStorage, you might be able to see only your iFolder directory and a local shared 
directory on the Linux server using NetStorage. Storage Location objects are required for accessing 
files and directories on Linux servers unless you have the NCP™ Server component of OES 
installed. They can also be used on NetWare servers. Without NCP Server, users might have specific 
eDirectory rights to certain files and folders on your network but will not be able to access those 
files and folders using NetStorage unless storage location objects have been created. 


3.4.1 SSH Storage Location Objects 


A new file access method has been added to NetStorage that allows access to files on Linux systems 
that don't support either NCP or CIFS protocols. This method uses the Secure Shell (SSH) protocol 
to access files on Linux systems. SSH is accessed by creating an eDirectory Storage Location object 
with a URL prefix of ssh://. For example: 


ssh://yourserver.yourcompany.com/home/youruser 
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The username and password that you use to access files on your Linux system must be the same as 
those used to log in to NetStorage. You can use the SSH file access method with NetStorage to 

access files locally on your Linux system if NetStorage is running on that system. To do this, create 
a Storage Location object that uses the IP address of the local Linux machine with the ssh:// prefix. 


3.4.2 Creating a Storage Location Object 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is http://server_ip_address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Enter your username and password. 

3 Inthe left column, click File Access and then click New Storage Location. 

4 Specify the object name, display name, directory location, context, and a comment. 
The object name is the name of the object in the eDirectory tree. 


The display name is the name to be displayed in the NetStorage directory access list. This is the 
shortcut name and is seen by users. If you use the same display name for two different Storage 
objects, a digit is added to the names to make each name unique. 


The directory location is the location of the directory on the file system. The location is a URL 
that includes the file system type, server name, volume, and directory path. 


If the storage being accessed is on a NetWare server, the URL must be in the following format: 
ncp://server name/volumelpath to directory 

For example: 

nep://server | .digitalair.com/mktg/reports 

or 

nep://111.222.3.4/mktg/reports 


If the storage being accessed is on a Linux server, the URL must be in one of the following 
formats: 


+ nep://server_name/volume/path_to_directory 


This method requires that the NCP Server component of OES be installed on your Linux 
server. 


A storage location using this format can only access files on an NCP or NSS volume. 
+ cifs://server_name/cifs_share_name 


This method can be used if you have configured a CIFS or Samba share (cifs can be 
interchanged with smb in the format). 


+ ssh://yourserver.yourcompany.com/home/youruser 


This method allows access to files on Linux systems that don't support either NCP or CIFS 
(SMB) protocols. 


If the file system is omitted, it is assumed that it is NCP. 


The context is the directory context that the Storage Location object resides in. Click the object 
selector to select the context. 


Installing NetStorage 


17 


The comment is entered by the administrator and is not displayed to users. 
5 Click Create, then click OK. 


3.4.3 Creating a Storage Location List 


After you create a Storage Location object, you must create a list of Storage Location objects that 
can be used with a specified User, Group, Profile, or Container object. Users will see the directory 
associated with the object the next time they log in. After this list is created, you can modify it in the 
same window by assigning additional Storage Location objects to the list or by deleting Storage 
Location objects from the list. 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is http://server_ip_address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Enter your username and password. 
3 Inthe left column, click File Access, then click Assign Storage Location to Object. 


4 Click the Object Selector button; select the User, Group, Profile, or Container object that the 
list is to be created for; then click OK. 


5 Click the Object Selector button, select the Storage Location objects you want included in this 
list, then click OK. 


You can select multiple Storage Location objects in the Object Selector window. When you 
select multiple Storage Location objects, they appear in the Selected Objects list. If the list 
already contains Storage Location objects and you want to add more, ensure that the original 
objects are still in the list before clicking OK. 


You can remove existing storage locations by deleting their names from the list before clicking 
OK. 


6 When you are finished creating or modifying the list, click OK. 


3.5 What's Next 


After you have installed NetStorage, inform users that they can access their files from the Web. 
Instructions for accessing files using NetStorage are available in Chapter 4, "Using NetStorage,” on 
page 19. 


If you need to change the NetStorage configuration, use iManager. See Chapter 5, “Administering 
NetStorage,” on page 23. 
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Using NetStorage 


NetStorage provides secure Internet-based access to files and folders on Linux and NetWare® 
servers on your network using either a browser or Microsoft Web Folders (Microsoft's 
implementation of WebDAV). NetStorage authentication relies on the power of Novell® 
eDirectory™ to provide secure access, so Internet-based access is as secure as accessing files from 
within the network. 


Based on how NetStorage has been configured, the NetStorage Web page displays the network files 
and folders you have access to. Initially, you may be able to see only your iFolder directory, a local 
shared directory, and NSS volumes on the Linux server. Storage Location objects are required for 
accessing files and directories on Linux servers unless the NCP Server component of OES is 
installed. They can also be used on NetWare servers. For Linux servers with NCP Server installed, 
NetStorage reads your login script to determine drive mappings, reads eDirectory User object 
properties to determine your home directory, and then displays a list of files and folders based on 
mapped drives and home directories. If you usually log in to more than one eDirectory tree, you 
might have access to additional home directories in different eDirectory trees. If you have a Novell 
iFolder 2.x® account, the iFolder directory is also displayed. However, some NetStorage features 
such as Download and Lock are not available with Novell iFolder. 


NetStorage reads the container, profile, and user login scripts only from the primary eDirectory 
server specified during the installation and displays the user's drive mappings based only on those 
login scripts. 


Users might have specific eDirectory rights to certain files and folders on your network, but will not 
be able to access those files and folders using NetStorage unless Storage Location objects have been 
created, login script drive mappings exist to those folders, or the files and folders are in the user's 
home directory. If you want to provide users with NetStorage access to a specific folder, you might 
have to add a drive mapping command to that folder in a login script (container, profile, or user). 


4.1 Accessing NetStorage 


To access NetStorage from a workstation: 
1 Start your browser or Microsoft Web Folders, then specify the URL for NetStorage. 


The URL is http://server ip address/oneNet/NetStorage/. Replace server ip address with the 
IP address or DNS name of the server running NetStorage or the IP address for Apache-based 
services. If Apache-based services use a port other than 80, you must also specify that port 
number with the URL. 


For example, if the IP address for NetStorage is 127.1.1.1, then you would specify 127.1.1.1/ 
oneNet/NetStorage/. 


In the above example, if you had changed the port number to 51080, then you would specify 
127.1.1.1:51080/oneNet/NetStorage/. 


NOTE: While the oneNet portion of the URL is required if using WebDAV (Web Folders) it is 
not required if using a browser. Using a browser, you could just use 127.1.1.1/NetStorage/. 
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If you have the Persistent Cookies feature enabled (See Section 5.2.6, “NetStorage Options," 
on page 27), the date and time on the workstation being used to access NetStorage should be 
within 24 hours of the date and time on the server running NetStorage in order to avoid 
conflicts. 


2 Enter your username and password. 


NetStorage uses your Novell eDirectory username and password, so you don't need to 
remember or use a separate username or password. 


You can use many of the same conventions for expanding and contracting folders and opening files 
that are available in Windows* Explorer. To create new folders or copy, paste, delete, rename, move, 
upload, or download existing files using a browser, click the File menu. If you are using Internet 
Explorer, you can copy and move files and folders by dragging and dropping them. This 
functionality is not available with browsers other than Internet Explorer. 


Clicking the Folder View button in the browser window displays folders in another column and lets 
you expand and contract folders. The Text View displays only the files and folders in the current 
directory and does not let you expand or contract folders. Clicking the Name, Size, or Modified 
headings lets you sort directory and file listings in ascending or descending order by name, size, or 
date. 


Local files and folders in a shared directory on the Linux server where NetStorage is installed can be 
accessed using NetStorage. This is useful for uploading files to the local Linux server. The path to 
the shared folder is /var/opt/novell/netstorage/shared. 


You cannot map drives or change login scripts from NetStorage. 


NetStorage lets you upload and download multiple files and folders simultaneously. 


4.2 Viewing or Modifying Directory and File 
Attributes and Rights 


NetStorage provides the ability to view or change NSS and NCP™ directory and file attributes and 
rights. If you have created a Storage Location object using NCP, the ability to change file and 
directory attributes is limited unless you are logged in as user Admin or equivalent. This limititation 
does not apply if you have created a Storage Location object using SSH. See “Creating a Storage 
Location Object” on page 29 for more information. 


To view or modify directory or file rights using NetStorage: 
1 Start your browser and specify the URL for NetStorage. 


The URL is http://server_ip_address/oneNet/NetStorage/. Replace server ip address with the 
IP address or DNS name of the server running NetStorage or the IP address for Apache-based 
services. If Apache-based services use a port other than 80, you must also specify that port 
number with the URL. 


For example, if the IP address for NetStorage is 127.1.1.1, then you would specify 127.1.1.1/ 
oneNet/NetStorage/. 


In the above example, if you had changed the port number to 51080, then you would specify 
127.1.1.1:51080/oneNet/NetStorage/. 
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NOTE: While the oneNet portion of the URL is required if using WebDAV (Web Folders) it is 
not required if using a browser. Using a browser, you could just use 127.1.1.1/NetStorage/. 


The date and time on the workstation being used to access NetStorage should be reasonably 
close (within a few hours) to the date and time on the server running NetStorage to avoid 
conflicts. 


2 Enter your username and password. 


NetStorage uses your Novell eDirectory username and password, so you don't need to 
remember or use a separate username or password. 


3 Right-click the directory or file you want to view or modify attributes or rights for and select 
Properties. 


4 Click the NetWare Info tab to view or modify directory or file attributes. Click the NetWare 
Rights tab to view or modify file system trustee rights. 


Although the option label refers to NetWare, use the option for your Linux NSS and non-NSS 
volumes, and your NetWare NSS volumes. For information about file system trustees, trustee 

rights, and attributes for directories and files on NSS volumes, see the Novell Storage Services 
File System Administration Guide for OES. 


For additional information on directory and file attributes and rights, see the Novell Client for 
Windows Installation and Administration Guide. 


NOTE: Viewing or changing directory and file attributes and rights using NetStorage is only 
possible using a browser. This functionality is not available using Microsoft Web Folders. 


4.3 Setting Directory Quotas on NSS Volumes 
and Directories 


Using NetStorage, you can create or change directory quotas on NSS volumes and directories for 
both NetWare and Linux. See “Managing Space Quotas for Volumes, Directories, and Users" in the 
Novell Storage Services File System Administration Guide for OES. You must be a user with rights 
equivalent to the Admin user to create or change directory quotas. 


To create or change NSS directory quotas using NetStorage: 
1 Start your browser and specify the URL for NetStorage. 


The URL is http://server_ip_address/oneNet/NetStorage/. Replace server_ip_address with the 
IP address or DNS name of the server running NetStorage or the IP address for Apache-based 
services. If Apache-based services use a port other than 80, you must also specify that port 
number with the URL. 


For example, if the IP address for NetStorage is 127.1.1.1, then you would specify 127.1.1.1/ 
oneNet/NetStorage/. 


In the above example, if you had changed the port number to 51080, then you would specify 
127.1.1.1:51080/oneNet/NetStorage/. 


NOTE: While the oneNet portion of the URL is required if using WebDAV (Web Folders) it is 
not required if using a browser. Using a browser, you could just use 127.1.1.1/NetStorage/. 
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The date and time on the workstation being used to access NetStorage should be reasonably 
close (within a few hours) to the date and time on the server running NetStorage to avoid 
conflicts. 


2 Enter your username and password. 


NetStorage uses your Novell eDirectory username and password, so you don't need to 
remember or use a separate username or password. 


3 Right-click the directory or file you want to create or change a directory quota for and select 
Properties. 


4 Click the NetWare Info tab and then click the Restrict size checkbox. 
5 Specify the directory size limt and click Apply to save your changes. 


4.4 Purging and Salvaging Deleted NSS Files 


Using NetStorage, you can purge and possibly undelete NSS files that were previously deleted if 
either of the following is true: 
+ You are user Admin and have the NCP Server component of OES installed on the Linux server. 
+ You have a Storage Location object set up to the directory where the deleted files or folders 
were. 
Access NetStorage and, in the left column, select the directory where the deleted files were. 
Click View and then Show Deleted Files. 
Check the boxes next to the files you want to undelete or purge. 
Click File and then either Purge or Undelete. 
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Administering NetStorage 


You can change your NetStorage configuration after NetStorage has been installed on a Linux server 
(known as the Middle Tier or XTier server) using Novell® iManager. NetStorage configuration 
information is stored in an XML file on the Linux server and iManager provides an easy method for 
changing NetStorage configuration. iManager requires Internet Explorer 5 or later. 


IMPORTANT: After changing any settings, you must restart the Apache Web server. To do this, at 
the Linux command prompt, change to the /etc/opt/novell/httpd/init.d/httpd directory and enter . / 
httpd stop to stop the Web server. Wait one minute and then enter . /httpdstart to restart 
the Web server. 


5.1 Using iManager to Administer NetStorage 


1 Open an Internet browser and enter the URL for iManager. 


The URL is https://server ip address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


The date and time on the workstation being used to access NetStorage should be reasonably 
close (within a few hours) to the date and time on the server running NetStorage to avoid 
conflicts. 


2 Enter your username and password. 


3 Inthe left column, locate the File Access (NetStorage) configuration options you want to 
change. 


iManager displays a list of links in the left column that are used to access the various pages for 
editing and viewing NetStorage configuration information in the XML file. For more 
information on each setting, click Help or see Section 5.2, “Understanding the NetStorage 
Configuration Settings," on page 23. 


4 Make the necessary configuration changes. 


5.2 Understanding the NetStorage Configuration 
Settings 
This section includes information on all configuration settings that can be set. The settings are 


organized according to the link in the left column that they appear under. This information is also 
available if you click Help. 


Most configuration settings have a Set Defaults button. If you click the Set Defaults button, the 
value is set to whatever value appears in the Default Value column. If there is no value in the Default 
Value column, the value is set to blank (no value) 

* Authentication Domains (page 24) 

* "Current Sessions" on page 25 


* Section 5.2.3, “Files,” on page 25 
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+ "jFolder Storage Provider” on page 25 

+ “NetWare Storage Provider” on page 26 

+ Section 5.2.6, *NetStorage Options," on page 27 
+ “NetStorage Statistics” on page 29 

+ “Resource Usage” on page 29 

+ Section 5.2.9, “WebDAV Provider,” on page 29 


+ “Storage Location” on page 29 


5.2.1 Authentication Domains 


Lets you change or add the Novell eDirectory™ server URLs and contexts that are required by 
NetStorage. This page also lets you add support for dotted usernames, e-mail address names, and 
Universal passwords, as well as giving you the option to change the eDirectory server that is 
designated as the Primary. 


Setting Description 


Dotted Names Allows the use of a dot in a username. Some usernames contain dots (for 
example: john.doe). Enabling this option allows usernames containing dots to 
authenticate through NetStorage. 


If this option is disabled, usernames containing dots may still authenticate through 
NetStorage by adding a forward slash (/) in front of the dot in the username (for 
example: john/.doe). 


eMail Address Allows the use of the At symbol (@) in a username. Some usernames are e-mail 

Names address names and contain the At symbol character. Enabling this option allows 
usernames containing this character to authenticate through NetStorage. If this 
option is disabled, NetStorage reads the username up to the At symbol character 
and then tries to authenticate with that much of the name. 


Universal Enabling this option allows universal passwords to be used for NetStorage 
Password Authentication. 


Universal password functionality is disabled by default. If you have enabled 
unversal passwords, enable this option to let users with universal passwords 
authenticate through NetStorage. 


If universal passwords have not been configured and enabled, selecting this 
option will have no effect. NetStorage will use whatever password type is 
configured. 


See Deploying Universal Passwords (http://www.novell.com/documentation/ 
nmas23/index.html?page=/documentation/nmas23/admin/data/allq21t.html) for 
information on configuring universal passwords. 


Add Domain Adds another eDirectory server IP addresses or DNS name. Users are 
authenticated to this eDirectory server. 


Make Primary Makes the eDirectory server URL listed above the button the Primary. 


Remove Domain Removes the eDirectory server URL from the list of URLs used by NetStorage. 
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Setting Description 


Add Context Adds a context that NetStorage searches when authenticating users. Use periods 
to separate the context. For example, ou=users.o=digitalair. 


If the user is not located in the first context, any additional contexts added here are 
searched. If the user is not found in any context listed, an LDAP search of all 
subdirectories is performed. 


If clear-text passwords are not enabled on the server, this search fails. 
Remove Context Removes the context (if there is one) from the eDirectory server URL. 


Add Host Lets you list additional hosts for an Authentication Domain. Clicking the Add Hosts 
button lets you create a list of alternative hosts for the domain. 


If the Middle Tier server cannot reach the host specified in the domain, it searches 
the Other Hosts list specified in the Value field to find another server to use for 
authentication. Specify DNS names or IP addresses of alternate servers, 
separated by a comma delimiter, in the Value field. 


For example, you could enter a string similar to either of the following: 


Middletier.boston.digitalair.com,Middletierl.boston.di 
gitialair.com 


or 
111.22.33.4,111.22.33.41 


Context Priority Lets you specify a priority for the context assigned to the eDirectory server URL. 
Adding a context priority lets you specify the order you want the different contexts 
searched. 


If no context priority is specified, the default priority is used, which is O. The priority 
range is from 0 (lowest) to 9999999. 


5.2.2 Current Sessions 


Displays a report with information on the current NetStorage sessions. 


5.2.3 Files 


Displays the NetStorage Web page. This provides a way to access NetStorage from iManager, 
without entering the NetStorage URL. See Chapter 4, *Using NetStorage," on page 19 for more 
information on the NetStorage Web page. 


5.2.4 iFolder Storage Provider 
If you have Novell iFolder 2.x? installed on your Linux server, you can view or edit the following 


iFolder-specific configuration settings. 


Settings Description 


Root The name of the root directory for iFolder. The root iFolder directory is a virtual 
directory, and changing it will change the iFolder directory name users see when 
accessing their files and directories on the iFolder server. The default is iFolder. 
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Settings 


Passphrase Form 
Protocol 


iFolder Server 


Secure Port 


Description 


This field should not be changed unless you want users' passphrases to be sent in 
clear text. The default is HTTPS. 


The DNS name and port number for the iFolder server. This setting shouldn't need 
to be changed unless you are changing the iFolder server your users will access. 


If you click Set Defaults, the value is set to whatever value appears in the Default 
Value column. If there is no value in the Default Value column, the value is set to 
blank (no value). 


The port number that HTTPS is running on. This setting normally does not need to 
be changed. The default is 443. 


5.2.5 NetWare Storage Provider 


Settings 


Home Name 


Drive Name 


Public Directory 
Name 


Description 


This text is displayed on the NetStorage Web page and is followed by the tree 
name and path to the user's home directory. The user might have home 
directories in multiple trees, in which case multiple paths are displayed. 


The default is Home@. You might want to change this if you want to reference 
home directories with a different word or in a language other than English. See the 
"Alternate Tree Name" listing below for more information on configuring 
NetStorage to display multiple home directories. 


This text is displayed on the NetStorage Web page and will include the drive letter 
being referenced followed by the path to the mapped drive. The user's login script 
on the Primary tree is parsed by NetStorage to gather information on mapped 
drives. 


You might want to change this if you want to use a different word or words to 
reference mapped drives on the NetStorage Web page. This applies to 
NetStorage on NetWare servers only. 


This registry key provides a way for any NetStorage user to make documents or 
files available to other NetStorage users. 


A public directory can be automatically created in each user's home directory by 
NetStorage. If public directories are created by NetStorage, all users in the same 
eDirectory context will have Read and File Scan rights to the other users' public 

directories. 


If you don't want public directories created in users' home directories, leave this 
field blank (the default). 


If you want public directories created in users' home directories, enter the name 
for the public directories. For example, if you specify My Public Files as the name 
for the public directories, a folder named My Public Files is created at the root of 
each user's home directory the first time the user logs in using NetStorage. 


To access a public directory, users need to add ~username at the end of the URL 
used to access NetStorage. For example if you want to access the public directory 
for a user named jsmith, you might specify a URL similar to http://file.i-login.net/ 
oneNet/NetStorage/~jsmith. 
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Settings 


Alternate Tree 
Name 


Container Search 
Height 


Home Dirs 


Check MAP Drives 


Login Scripts 


Storage Locations 


Description 


When a user's home directory is displayed by NetStorage, the name of the 
eDirectory tree is also displayed. With this configuration field, you can substitute 
the tree name that users see in NetStorage to something that might be more 
intuitive. For example, if the tree name is SERVICES 2 and you want users to see 
i-Login, you would type SERVICES2/i-Login in this configuration field. The 
eDirectory tree name and the substitute name are separated with a slash (/). 


NetStorage can access user home directories in multiple eDirectory trees. If you 
want to substitute eDirectory tree names in more than one tree, separate those 
tree name substitutions with a comma. An example of this is SERVICES2/i- 
Login, SERVEME2/Staging. 


Specifies the number of container levels (from where the User object is located) 
that NetStorage will search up in the eDirectory tree for the container login script. 
The default is 1, which is the same level used by Novell Client™ software. 


If you specify a number greater than the number of container levels in the 
eDirectory tree, NetStorage will search up to and including the root container in 
the tree. If you specify 0, NetStorage will only search the container where the User 
object is located. 


Specifies if home directories are to be processed. The default is 1, meaning that 
they are processed. If you specify 0, no home directories are processed or 
displayed to the user. 


Specifies if mapped drives (from login script MAP statements) are checked when 
the user logs in. The default is 0, meaning that mapped drives are not checked 
and all mapped drives are displayed to the user. If the user attempts to access a 
mapped drive pointing to a directory that does not exist or that the user does not 
have access rights to, an error occurs. 


If you specify 1, each mapped drive is checked at login and map drives that do not 
exist or that the user does not have access to are not displayed. 


Specifies if login scripts are to be processed. The default is 1, meaning that they 
are processed. If you specify 0, login scripts are not processed, and any mapped 
drives specified in login scripts will not be displayed to the user. 


Specifies if storage locations are to be used. The default is 1, meaning that they 
are used. If you specify 0, storage locations are not used, and any storage 
locations that have been created will not be available to users. 


5.2.6 NetStorage Options 


Settings 


Proxy Username 
and Proxy 
Password 


Description 


The Admin username and password that you entered when you installed NNLS. If 
you want the Middle Tier Server to use a different username and password for 
administrator access, specify them in the fields provided. 


If you click the Set Defaults button, the value is set to whatever value appears in 
the Default Value column. If there is no value in the Default Value column, the 
value is set to blank (no value). 
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Settings Description 


Location The registered location you want users to enter as part of the NetStorage URL to 
access NetStorage. The default is oneNet. 


If you change this registry setting, you must also edit the etc/opt/novell/xtier/ 
xsrv.conf file and change the /oneNet setting in the Location section (first section) 
to the same setting you specified in iManager. 


Session Timeout The amount of time (in seconds) that the session will remain idle before it is 
terminated. If there is no NetStorage activity for this amount of time, the user is 
required to log in again to NetStorage before being allowed file access. 


Janitorial Interval This setting should not be changed except under direction from Novell. 


Persistent This setting can be turned either on or off. With the value set to 0, Persistent 

Cookies Cookies is turned off. Persistent Cookies is turned off (the default) if there is no 
value or if the value is set to 0. You can turn Persistent Cookies on by changing 
the value to 1. 


With Persistent Cookies turned off, the NetStorage will end when the user closes 
the current browser or Web folder. Also, if the user has a current instance of 
NetStorage running in a browser window or Web folder and starts up a new 
browser instance or Web folder, the user will be required to reauthenticate. 


Turning off Persistent Cookies can be beneficial if you have workstations that are 
shared because as long as the browser instance is closed, the next user of the 
workstation cannot accidentally or intentionally obtain access to your network 
through NetStorage. 


Leaving Persistent Cookies turned on can be beneficial if your workstations are 
not shared, because it prevents users from having to unnecessarily 
reauthenticate. 


If the user selects the Logout option in NetStorage, the session will end regardless 
of whether Persistent Cookies is turned on or off. 


LDAP Port Lets you change the LDAP port number if there is a conflict between Active 
Directory* and eDirectory for LDAP requests. 


This conflict exists because the back end is acting as a domain controller, which 
has Active Directory installed on it. The conflict is created by both eDirectory and 
Active Directory attempting to use the same default port (number 389). Active 
Directory normally wins the conflict. The Proxy User object type exists in 
eDirectory but not in Active Directory. Because of this, when the Middle Tier 
server tries to bind as a Proxy User, the bind attempt fails. This is also the reason 
LDAP lookups fail. 


Cookieless The Cookieless option can be turned either on or off. With the value set to 0, 
Cookieless authentication is turned off (the default). Cookieless authentication can 
be turned on by setting the value to 1. 


Cookieless authentication is needed for some clients that use versions of WebDav 
that don’t support cookies. For example, Apple clients use a WebDav version that 
does not support cookies. 


If Cookieless Authentication is turned on, you must close all browser instances to 
log out. 
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5.2.7 NetStorage Statistics 


Displays a report with information about server up time, login failures, number of NetStorage 
sessions, etc. 


5.2.8 Resource Usage 


Displays a detailed report of resource utilization for NetStorage. 


5.2.9 WebDAV Provider 


Settings Description 
Moniker The location of the NetStorage WebDAV provider (xdav.nlm). It is the location you 


want users to specify as part of the NetStorage URL to access NetStorage. The 
default is NetStorage. 


Template The directory for the HTML interface. This setting should not be changed except 
Directory under direction from Novell. 


5.2.10 Storage Location 


You can create a Storage Location object to display a specified name for a network directory in the 
NetStorage directory access list displayed through Microsoft Web Folders or a Web browser. 
Creating a Storage Location object is useful if users expect that the directory will have a certain 
name. Unlike directories that are displayed from a login script, Home directory, or iFolder that have 
a name that cannot be altered, you can specify the Storage Location object name. 


After you have created a Storage Location object, you must associate this object with a User, Group, 
Location, or Container object. Users will see the directory associated with the object the next time 
they log in. 


Creating a Storage Location Object 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is http://server_ip_address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Type your username and password. 

3 In the left column, click File Access, then click New Storage Location. 

4 Specify the object name, display name, directory location, context, and a comment. 
The object name is the name of the object in the eDirectory tree. 


The display name is the name to be displayed in the NetStorage directory access list. This is the 
shortcut name and is seen by users. If you use the same display name for two different Storage 
objects, a digit is added to the names to make each name unique. 


The directory location is the location of the directory on the file system. The location is a URL 
that includes the file system type, server name, volume, and directory path. 
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If the storage being accessed is on a NetWare server, the URL must be in the following format: 
ncp://server name/volume/lpath to directory 

For example: 

nep://server | .digitalair.com/mktg/reports 

or 

nep://111.222.3.4/mktg/reports 


If the storage being accessed is on a Linux server, the URL must be in one of the following 
formats: 


+ nep://server_name/volume/path_to_directory 


This method requires that the NCP Server component of OES be installed on your Linux 
server. 


+ cifs://server namelcifs share name 


This method can be used if you have configured a CIFS or Samba share (cifs can be 
interchanged with smb). 


+ ssh://yourserver.yourcompany.com/home/youruser 


This method allows access to files on Linux systems that don't support either NCP or CIFS 
(SMB) protocols. 


If the file system is omitted, it is assumed that it is NCP™. 


The context is the directory context that the Storage Location object resides in. Click the object 
selector to select the context. 


The comment is entered by the administrator and is not displayed to users. 
5 Click Create, then click OK. 


Creating or Modifying a Storage Location List 


After you create a Storage Location object, you must create a list of Storage Location objects that 
can be used with a specified User, Group, Profile, or Container object. Users will see the directory 
associated with the object the next time they log in. After this list is created, you can modify it from 
the same window by assigning additional Storage Location objects to the list or by deleting Storage 
Location objects from the list. 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is https://server_ip_address/nps/imanager.html. Replace server_ip_address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Type your username and password. 
3 Inthe left column, click File Access, then click Assign Storage Location to Object. 


4 Click the Object Selector button; select the User, Group, Profile, or Container object that the 
list is to be created for; then click OK. 


5 Click the Object Selector button, select the Storage Location objects you want included in this 
list, then click OK. 


You can select multiple Storage Location objects in the Object Selector window. When you 
select multiple Storage Location objects, they appear in the Selected Objects list. If the list 


30  OES NetStorage Administration Guide for Linux 


already contains Storage Location objects and you want to add more, ensure that the original 
objects are still in the list before clicking OK. 


You can remove existing storage locations by deleting their names from the list before clicking 
OK. 


6 When you are finished creating or modifying the list, click OK. 


Modifying a Storage Location Object 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is https://server_ip_address/nps/imanager.html. Replace server_ip_address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


Type your username and password. 
In the left column, click File Access, then click Edit Storage Location. 


Click the Object Selector, then select the Storage Location object that you want to modify. 
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Modify the display name, display location, or comment, then click OK. 


If you need to modify the object name or eDirectory context, you must delete this object and 
create a new Storage Location object. 


6 Click OK. 


Deleting a Storage Location Object 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is https://server_ip_address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Type your username and password. 
3 Inthe left column, click File Access, then click Delete Storage Location. 


4 Click the Object Selector button, then select the Storage Location object that you want to 
delete. 


5 Click OK. 


5.3 What's Next 


After you have configured NetStorage, inform users that they can access their files from the Web. 
Instructions for accessing files using NetStorage are available in Chapter 4, "Using NetStorage," on 
page 19. 
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Troubleshooting NetStorage 


This section contains information on common troubleshooting issues. In addition to the information 
in this section, additional information is located in Technical Information Documents (TIDs) 
available in the Knowledgebase on the Novell® Support Web site (http://support.novell.com). 


6.1 Unexpected Results from Login Scripts 


When a user authenticates to NetStorage, if NCP Server is installed, the login scripts associated with 
the Novell eDirectory™ User object in the primary authentication domain are processed. These login 
scripts are the same scripts processed by the Novell Client™. 


However, because login scripts were designed to be processed by the Novell Client on the user’s 
workstation, some of the defined statement types and script variables cannot be processed by 
NetStorage. 


Specific information about how login scripts interact with NetStorage is available in Login Script 
Processing by NetStorage" TID10068983 (http://support.novell.com/cgi-bin/search/searchtid.cgi?/ 
10068983.htm). 


The maximum size of a login script is 16 KB. If the 16 KB limit is exceeded, login script drive 
mappings will fail. 


6.2 Slow Login 


The most common cause of a slow login to NetStorage is large or poorly configured login scripts. 
When a user authenticates to the Primary Authentication domain, all applicable login scripts for that 
User object are processed. The more commands executed, the longer the login process. 


Invalid authentication domains can also slow the login process. After the user has been authenticated 
to the Primary Authentication domain, the same username and password is used to authenticate to 
any Secondary Authentication domains. Authentication failure on any of these domains will slow 
logins. Users can successfully authenticate to the Primary Authentication domain but fail at each of 
the secondary domains. 


It is helpful to determine if slow logins are global (all users) or specific to a given user object. If all 
users are affected, it is more likely to be a problem with the XTier authentication domain 
configuration. If a single user or groups of users are affected, check all login scripts that apply to that 
user or group. A problem with a context's login script can affect a large number of users. Mapping 
out which scripts apply to which users can help narrow the problem. 


For more information , see Login Script Processing by NetStorage" TID10068983 (http:// 
support.novell.com/cgi-bin/search/searchtid.cgi?/10068983.htm). 


6.3 Configuring LDAP Contextless Login for Use 
with NetStorage 


When configuring LDAP contextless login, consider the following issues. 
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Primary Authentication Domain: The user must be authenticated to the Primary Authentication 
domain (an eDirectory server with a replica). You can provide more than one context in the Primary 
Authentication domain resulting in each context being searched for the presence of the user. The 
search is performed using an LDAP search of the configured contexts. 


Secondary Authentication Domain: After the user has been authenticated to the Primary 
Authentication domain, the same username and password is used to authenticate to any Secondary 
Authentication domains. The search is performed using an LDAP search of the configured contexts 
for that domain. If authentication to any Secondary domains is unsuccessful, the user is still 
authenticated to the Primary Authentication domain. Authentication failure on a Secondary domain 
can cause a delay in the login process and is one of the most common causes of slow logins to 
NetStorage. 


Enable TLS for Simple Binds with Passwords: Passwords are encrypted in eDirectory, so you 
must enable TLS for simple binds with passwords in LDAP. For more information, see “Requiring 
TLS for Simple Binds with Passwords” in the Novell eDirectory 8.7.3 Administration Guide. 


LDAP will need Read and Browse rights to the entire tree. By default, when a user performs an 
anonymous bind (doesn’t specify a password), a special object in the directory calculates access 
control for that user. This object is termed [Public]. By default, this object can browse the entire tree 
hierarchy and read a limited number of attributes on entries. 


If you want to have an anonymous bind to use a different object in the tree, you can specify that 
object in the Proxy Username field. By doing this, you can restrict the types of objects and attributes 
that anonymous users can access by setting the appropriate access controls on the proxy User object. 
The proxy username must be a distinguished name. To easily select an object, click the directory 
browser button to the right of the text field on the LDAP Group Object. A dialog box appears that 
allows you to choose an object in the tree. Any eDirectory User object can be used and anonymous 
access will assume the rights of that user. 


IMPORTANT: A proxy user must have a blank password in order to work correctly. This is very 
different from having no password. If any user has no password, then they do not have a public/ 
private key pair to compare against when attempting login. A blank password will generate a public/ 
private key pair, although the actual string for the password is empty. 


6.4 Novell iFolder 2.x and NetStorage 


When troubleshooting a NetStorage and Novell iFolder® issue, it is important to first determine if it 
is a NetStorage problem or an iFolder problem. It is easy to spend a great deal of time working the 
problem from the NetStorage end only to find that the user cannot access iFolder directly. A few 
simple tips can help speed the identification of the problem. 


IMPORTANT: It is not currently possible to access iFolder 3.x using NetStorage. 


Q Take NetStorage out of the equation. Make sure the User can successfully log in to iFolder with 
the iFolder client or applet. If login is unsuccessful, the problem is with iFolder and should be 
addressed there. If the user successfully logs in to iFolder, begin troubleshooting the 
NetStorage application. 


Q Enable debugging for the iFolder Storage Provider. In iManager, click iFolder Storage Provider 
and change the Debug Level from 0 (default) to FFFFFFFF, and then restart the server. Log in 
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to NetStorage and attempt to access iFolder. The server logger screen will now display all 
warnings and errors related to the iFolder Provider. 


Q Create a new user for testing. Some problems are user-specific and some problems affect all 
users. Creating a test user can help to determine this. When creating a test user for 
troubleshooting, login scripts and home directories are not needed. 


6.5 Configuring NetStorage to Use the Proper 
Code Page or Character Set 


NetStorage can be configured to use different languages and characters by changing the character set 
or code page on your Linux server. Character set or character map is the Linux equivalent of the 
code page in NetWare®. The default character set for NetStorage is the same as the character set 
Root is configured to use. This character set is determined during the Virtual Office installation. 


You can determine the character set that Root is configured to use by entering locale charmap 
at the Linux server console. Character sets for different users are configured by setting the LC * 
environment variables. 


If the character set that Root is configured to use is not the same as the one that NetStorage is 
configured to use, you must configure NetStorage to use a different character set. To do this, editing 
the \etc\opt\novell\xtier\envvars file and modify the XTIER CODE PAGE environment variable. 


As a general rule, NetStorage should use the same code page as the servers hosting storage that 
NetStorage will access. For example, if NetStorage is being used to access storage on NetWare 
servers that are configured to use the 437 code page, then you should set the XTIER CODE PAGE 
environment variable to 437. 


You can determine which character sets are installed and available on your Linux server by entering 
iconv --list at the server console. 


Character set names may not be exactly the same between NetWare and Linux servers. For example, 
the 1254 NetWare code page maps to the WINDOWS-1254 Linux character set. 


6.6 Configuring NetStorage with iChain 


If you are configuring NetStorage to run behind an iChain server (fronting NetStorage with iChain), 
there are some configuration changes required in order for NetStorage to function properly. These 
configuration changes include enabling cookieless authentication and editing the logout.html.utf8 
file. 


6.6.1 Enabling Cookieless Authentication 


To enable cookieless authentication 


1 Start your browser (Internet Explorer 5 or later, Mozilla, etc.) and specify the URL for 
iManager. 


The URL is http://server ip address/nps/imanager.html. Replace server ip address with the 
IP address or DNS name of the Linux server running NetStorage or the IP address for Apache- 
based services. 


2 Enter your username and password. 
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3 Inthe left column, click File Access, then click NetStorage Options. 
4 Set the value for the Cookieless option to 1. 


The Cookieless option can be turned either on or off. With the value set to 0, Cookieless 
authentication is turned off (the default). Cookieless authentication can be turned on by setting 
the value to 1. 


If Cookieless Authentication is turned on, you must close all browser instances to logout. 


6.6.2 Editing the Logout.html.utf8 file 


The logout.html.utf8 file is located in the /opt/novell/nestorage/webapp directory on the Linux 
server where NetStorage is installed. Edit the file and replace <iChainDNS> with the DNS name of 
the iChain server. To enable iChain logout, some lines must be uncommented and others must be 
removed. There are instructions in the file on which lines to remove and uncomment. 


6.7 Accessing CIFS or SSH Storage Locations 


If you experience problems accessing CIFS (SMB) or SSH storage locations, the problem may be 
related to CIFS or SSH, and not NetStorage. Try logging in using a different client to determine if a 
CIFS or SSH problem exists. 


6.8 LUM Must Have SSHD Access Enabled 


If you want to access local files or files on another server in the same eDirectory tree using the SSH 
file access method, you must leave the SSHD check box checked during the OES installation. The 
check box is in the Linux User Management configuration section on the OES installation. 


The check box is checked by default. If you uncheck the SSHD check box during the OES 
installation, users won't be able to login through SSH and will not be able to access files using that 
method. The SSHD check box must remain checked during the OES installation. Unchecking the 
check box and then checking it after the installation will not resolve this issue. 
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Documentation Updates 


This NetStorage Administration Guide for Linux has been updated with the following information 
on November 1, 2005: 


A.1 November 1, 2005 (Open Enterprise Server 
SP2) 


Location Change 


Entire guide. Page design reformatted to comply with revised 
Novell® documentation standards. 
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